IBM Security Verify Information Disclosure Vulnerability (CNVD-2022-03939)

IBM Security VerifyAccess (ISAM) is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT, and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls, identity federation, and mobile multi-factor authentication.IBM Security Verify has an information disclosure vulnerability that stems from the potential to disclose sensitive version information in the HTTP response header, which could help further attacks on the system. No detailed vulnerability details are currently available.